0

How to secure a fireabase database?

Firebase api keys are in js and hence accessible.

Any firebase developer is familiar with all standard methods to extract data once he or she has the firebase api keys.

In this case all my data is practically public to the developer and in json format which can facilitate him to pull all the data at once.

I plan to make an android ios and web app with the same. Please help me solve my doubt someone..

Akash Sadavarte
  • 9
  • 1
  • If you have a specific type of attack on mind, please share. But otherwise this has been covered before and better than we can probably do now. (Thanks to @AndreKool for finding and marking the dupe). – Frank van Puffelen Oct 12 '16 at 11:08
  • Thanks a lot Frank.. – Akash Sadavarte Oct 12 '16 at 11:12
  • But I would like to ask a question. Assume that i have a database of all restaurants, which i show on my website. This database i have given rights to anonymous user. But a clean json object can be extracted by making another firebase project. That Data is my asset. and I dont want to handover it so simply. Could you please tell me how to work around with this problem. – Akash Sadavarte Oct 12 '16 at 11:13
  • The [Firebase security rules](https://firebase.google.com/docs/database/security/) allow you to precisely control who has access to what data. But in order for the data to be displayed in the user's app, they will have to be able to read that data. – Frank van Puffelen Oct 12 '16 at 13:46

0 Answers0